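chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute or relative pathnames stored in CHM files, leading to Directory Traversal: when an untrusted CHM file is extracted, files can be written outside the intended output directory. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application. The dispute concerns whether this counts as a library vulnerability; programs that copied or adapted the example code should still check how they turn CHM member names into output paths (the signatures below target create_output_name and main in chmextract.c).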
{
"isDisputed": true
}[
{
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"132217244909678999437045884994041631732",
"118486685220162301588933284659837502589",
"222615661882722935798674702194044547538",
"219466755054797721960266295314213546095",
"121151598458548409255316740935381343568",
"251794852627836227553566778864470334558",
"276386435241628830137813434249006767161",
"175017918290597721448889109973898583339",
"76346329143149834116510719185726473758",
"63418847592787521052761912317172777863",
"178541120143036453390048197284215582459",
"225241872322959364675261907169332432852",
"5687739501093445154981481862495263751",
"215127561223302871173399771134414929721",
"293357833663568891914347203216630066385",
"186174406741438164710290524819104471828",
"293306914388071824781965863647218258380",
"167691164685362533630025839601672666569",
"149824802092469499658294486183158614954",
"254789303695554541346853322408141944304",
"80947747128519016585894919489949934570",
"175320454547622884216682052703172976605",
"120624756470267526030997539398261046599",
"261759257982953005752840463689673345315",
"213928999277667040425900834898570427129",
"70005316954701892465692955578209039965",
"231195700645312976446011945221240415851",
"228196885841981192425952172150817854482",
"174304417751722594597093677375760400835",
"152355533426064100670146862363160293275",
"249762788559237212680438951250333340720",
"87411400792090358020183565937091936690",
"6744364880911807034699269934291871313",
"194583843208136331365198575948792565834",
"9780324754441355153589338133080765820",
"294642448661868398785201737223518408646",
"252457921278666985873737785292667935433",
"158867895338525521147741642841601864584",
"305130856208786088562017513659960910702",
"41904302489867191859186942943233399570",
"174398465214914042445324696526882070075",
"183320402960802003877949183047325896275",
"189508025214272293236424464960845164093",
"101928875653620123931473633201290476150",
"110114845122702344456797587701237160105",
"310776510053239329395433180738797107623",
"8489312533346179172916505379326312764",
"63079483386643476811183316788393478357",
"100537737846989771671509143207413508929",
"242837151747184648146970527131172575458",
"79920160273488118676337121161141022489",
"104268556886586718973627451693583341293",
"284563985493391703476617016659624302384",
"227524432114338156336445170894261347705",
"60636500522078535908579059062906699466",
"41015532848011598996548738304648322688",
"38050941284915674202415563781145260997",
"108765095596990967572773563646003538941",
"198336727089604421929377117405484585559",
"161681440077813729876365982894559509543",
"270424609327362527655435360931025506009",
"135647053476087047233109166941984931369",
"173861429623871299760377822238913944644",
"132669422380041523076200484778224511734",
"1309430708804111996759419706833211170",
"178450306176084823109919980947646734888",
"218810929613725555102614093969984362302",
"2296226440901098574089782012342800808",
"229337352905290427095117294339535507851",
"291655022682040911965606594361371420754",
"98969152067630238017861340398579647254",
"241015714968160062448308658251007238117",
"124076827736943902471002866881412944255",
"53344881501313825978030816336204935628",
"273555304606131816135686695310577248235",
"31175708583529425594189889907309991586",
"191041860770047005057657380764910146537"
]
},
"deprecated": false,
"signature_type": "Line",
"target": {
"file": "libmspack/src/chmextract.c"
},
"source": "https://github.com/kyz/libmspack/commit/7cadd489698be117c47efcadd742651594429e6d",
"id": "CVE-2018-18586-7505825f"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "59135860739822885713181976095235092158",
"length": 1269.0
},
"deprecated": false,
"signature_type": "Function",
"target": {
"function": "main",
"file": "libmspack/src/chmextract.c"
},
"source": "https://github.com/kyz/libmspack/commit/7cadd489698be117c47efcadd742651594429e6d",
"id": "CVE-2018-18586-bb60fb48"
},
{
"signature_version": "v1",
"digest": {
"function_hash": "241467629137614069631945326365599028761",
"length": 1807.0
},
"deprecated": false,
"signature_type": "Function",
"target": {
"function": "create_output_name",
"file": "libmspack/src/chmextract.c"
},
"source": "https://github.com/kyz/libmspack/commit/7cadd489698be117c47efcadd742651594429e6d",
"id": "CVE-2018-18586-e6dab8e6"
}
]